DETECTION OVERVIEW
Risk Factors
Gaining access to a physical Ethernet port can be difficult; however, if an attacker is successful, it is relatively easy to add a device such as a Raspberry Pi. After connecting the device to the network, an attacker can establish a remote SSH connection to obscure attempts to establish command-and-control beaconing or exfiltrate data.
Kill Chain: N/A
Risk Score: 60
Ensure Ethernet ports are not accessible in unattended public areas
Block outbound connections on port 22
Quarantine the device while checking for indicators of compromise, such as the presence of malware
Quarantine the device, determine that it belongs on your network, and check for malicious activity
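
The scenario under Risk Factors, a newly connected device opening an outbound SSH session, can be checked for in flow data. The following is an added example, not the detection's own logic or code from the original page; the flow-record layout, the first-seen inventory, the 24-hour window and all addresses are constructed assumptions.

```python
import ipaddress
from datetime import datetime, timedelta

# Constructed sample data (not from a real network).
# First time each MAC address was observed on the network.
FIRST_SEEN = {
    "b8:27:eb:00:00:01": datetime(2024, 5, 1, 9, 58),  # appeared minutes ago
    "00:11:22:33:44:55": datetime(2023, 1, 10, 8, 0),  # long-known workstation
}

# Constructed flow records: (timestamp, source MAC, source IP, dest IP, dest port)
FLOWS = [
    (datetime(2024, 5, 1, 10, 3), "b8:27:eb:00:00:01", "10.0.4.77", "203.0.113.9", 22),
    (datetime(2024, 5, 1, 10, 4), "b8:27:eb:00:00:01", "10.0.4.77", "10.0.0.5", 22),
    (datetime(2024, 5, 1, 10, 5), "00:11:22:33:44:55", "10.0.4.20", "198.51.100.7", 22),
    (datetime(2024, 5, 1, 10, 6), "b8:27:eb:00:00:01", "10.0.4.77", "203.0.113.9", 443),
    (datetime(2024, 5, 1, 10, 7), "de:ad:be:ef:00:02", "10.0.4.90", "203.0.113.9", 22),
]

# Address ranges treated as internal (assumption: RFC 1918 space only).
INTERNAL_NETS = [ipaddress.ip_network(n)
                 for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]

def is_external(ip):
    addr = ipaddress.ip_address(ip)
    return not any(addr in net for net in INTERNAL_NETS)

def new_device_outbound_ssh(flows, first_seen, window=timedelta(hours=24), ssh_port=22):
    """Return flows where a new or never-inventoried device opens SSH to an external address."""
    alerts = []
    for ts, mac, src, dst, port in flows:
        if port != ssh_port or not is_external(dst):
            continue
        seen = first_seen.get(mac)
        # Unknown MAC: treat as new. Known MAC: new only inside the window.
        if seen is None or ts - seen <= window:
            alerts.append({"time": ts, "mac": mac, "src": src, "dst": dst,
                           "reason": "unknown device" if seen is None else "new device"})
    return alerts

if __name__ == "__main__":
    for alert in new_device_outbound_ssh(FLOWS, FIRST_SEEN):
        print(alert)
```

Matching on port 22 only catches SSH on its default port, so a session moved to another port passes this check.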